package top.lixunda.commerce.monitor.admin.config;

import de.codecentric.boot.admin.server.config.AdminServerProperties;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

/**
 * @author LiXunda
 * @version time:2019/7/18 21:51
 */
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    /**
     * 获取上下文路径
     */
    private final String adminContextPath;

    @Autowired
    public SecurityConfig(AdminServerProperties adminServerProperties) {
        this.adminContextPath = adminServerProperties.getContextPath();
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
                //选择登陆页面
                .antMatchers(adminContextPath + "/login").permitAll()
                //设置没有权限的跳转页面，即登陆页面
                .and().formLogin().loginPage(adminContextPath + "/login")
                //设置退出登录路径
                .and().logout().logoutUrl(adminContextPath + "/logout")
                .and().authorizeRequests().antMatchers(adminContextPath + "/").authenticated()
                .antMatchers(adminContextPath + "/#/**").authenticated()
                .and().httpBasic()
                .and().csrf().disable();

//        http
//                //认证需求
//                .authorizeRequests()
//                .antMatchers("/actuator/health").permitAll()
//                //选择资源路径
//                .antMatchers(adminContextPath + "/assets/**")
//                //允许通过
//                .permitAll()
//                //选择登陆页面
//                .antMatchers(adminContextPath + "/login")
//                //放行登陆界面
//                .permitAll()
//                //其余的所有需求
//                .anyRequest()
//                //需要认证才能放行
//                .authenticated()
//                .and()
//                //设置没有权限的跳转页面，即登陆页面
//                .formLogin().loginPage(adminContextPath + "/login")
//                .and()
//                //设置退出登录路径
//                .logout().logoutUrl(adminContextPath + "/logout")
//                .and()
//                //设置验证方式为Basic验证方式
//                .httpBasic()
//                .and()
//                //取消csrf
//                .csrf().disable();
    }
}
